Modern computing systems and software increasingly rely on live connections to the Internet. For a growing number of applications, an Internet connection is a mandatory condition of operation, and the volume of data transferred through the network is growing as well. At the same time, network connectivity is becoming more complex and larger in scale, which, in turn, affects the quality and speed of data transfer.
A proxy server is often used to ensure Internet access for local area network computers. Generally speaking, a proxy server is a network service that is sometimes required to establish a connection between an application and a remote server on the Internet. The operation of a proxy server is based on a mechanism for intercepting and redirecting connections. Such a mechanism is implemented using various APIs (Application Programming Interfaces) provided by modern operating systems, which have functions for interacting with network ports and connections. A proxy server can reside on a server situated remotely from the client that benefits from the proxy server's operation. A proxy server can also be implemented as part of a firewall on a networking device such as a switch or router. Another implementation of a proxy is on the local computing system itself, for example as part of a firewall or other component of a security application or of the operating system. Data flow is passed through the proxy, which can monitor, filter, and redirect the data packets as needed according to the service the proxy is to provide. For instance, to protect users working on local computer systems, a proxy can analyze the connections to Internet addresses, and block or redirect network traffic if a connection is suspected of exposing the user's computer system to undue risk (such as the risk of malware or hacker attack). A variety of data processing operations can be performed by the proxy to this end.
A transparent proxy, also referred to as an intercepting proxy, intercepts normal communication at the network layer without requiring any special client configuration. As its name implies, clients need not be aware of the existence of the transparent proxy. A transparent proxy is normally located between the client and the Internet, with the proxy performing some of the functions of a gateway or router. Typically, a transparent proxy intercepts network traffic, namely data packets, using such techniques as filter drivers and callbacks associated with events occurring on the monitored Transmission Control Protocol (TCP) socket. In a typical layered networking architecture, TCP is implemented at the transport layer, and provides an interface between applications at a higher layer and a lower internet layer that uses the Internet Protocol (IP).
One challenge in operating a transparent proxy is managing the flow of data from each sender to the intended recipient. In proxies that perform significant on-board processing, such as protection of users against malicious activity, the time needed to perform such processing can interfere with the typical or expected data flow on the sender's or recipient's side. For example, TCP requires the exchange of control bits such as SYN, ACK, and FIN in IP datagrams. Conventional transparent proxies tend to pass these control datagrams through to the recipient without processing, since they are not data-bearing packets of interest to the protection functionality. This can create problems where, for instance, a call for closing a connection (i.e., using the FIN control bit) is passed through to the recipient before all of the data being processed by the proxy has been delivered. This sequence of events can result in loss of the data being processed without either side becoming aware of that loss.
An effective and practical solution is therefore needed to manage errors associated with the use of transparent proxies.
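The FIN scenario described above can be reproduced in a simplified model. The following is an added example, not part of the original text; the tick-based clock, the names `run_proxy` and `audit`, the `hold_fin` variant, and the sample stream are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Segment:
    kind: str              # "DATA" or "FIN"
    payload: bytes = b""

def run_proxy(segments, inspect_ticks, hold_fin):
    """Return (delivered_bytes, lost_byte_count) as seen by the recipient.

    segments      -- sender's segments, one reaching the proxy per tick
    inspect_ticks -- ticks the proxy spends inspecting each DATA segment
    hold_fin      -- False: FIN is passed through at once (the case described above)
                     True: FIN is released only after all earlier DATA (assumed variant)
    """
    schedule = []          # (release_tick, arrival_tick, segment)
    last_data_release = -1
    for tick, seg in enumerate(segments):
        if seg.kind == "DATA":
            release = tick + inspect_ticks
            last_data_release = max(last_data_release, release)
        elif hold_fin:
            release = max(tick, last_data_release)
        else:
            release = tick
        schedule.append((release, tick, seg))

    delivered, lost, closed = b"", 0, False
    # The recipient sees segments in release order; ties keep arrival order.
    for _, _, seg in sorted(schedule, key=lambda s: (s[0], s[1])):
        if seg.kind == "FIN":
            closed = True
        elif closed:
            lost += len(seg.payload)   # connection already closed: data is discarded
        else:
            delivered += seg.payload
    return delivered, lost

def audit(segments, delivered):
    """Byte gap between what the sender handed over and what was delivered."""
    sent = b"".join(s.payload for s in segments if s.kind == "DATA")
    return len(sent) - len(delivered)

# Constructed sample stream: three data segments followed by a close.
STREAM = [Segment("DATA", b"GET /report "), Segment("DATA", b"HTTP/1.1\r\n"),
          Segment("DATA", b"Host: example.test\r\n\r\n"), Segment("FIN")]

if __name__ == "__main__":
    for hold in (False, True):
        got, lost = run_proxy(STREAM, inspect_ticks=2, hold_fin=hold)
        print(f"hold_fin={hold}: delivered={len(got)} lost={lost} gap={audit(STREAM, got)}")
```

A non-zero `audit` result at connection close is the condition a proxy would need to log, since neither endpoint observes the loss on its own.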